Behind the Scenes Episode 384: Managed cloud on NetApp by Opti9Tech

Tech ONTAP Podcast Episode 384 – Managed Cloud with Opti9tech
===

Justin Parisi: This week on the Tech ONTAP Podcast, we talk to Sagi Brody of Opti9tech, all about managed services and how NetApp powers their infrastructure.

Podcast intro/outro: [Intro]

Justin Parisi: Hello and welcome to the Tech ONTAP Podcast. My name is Justin Parisi. I’m here in the basement of my house and with me today I have a special guest to talk to us all about hybrid cloud and cloud and more cloud. Sagi Brody is here. So Sagi, what do you do and how do we reach you?

Sagi Brody: I am the CTO at Opti9. I also run a consulting service called Ten Forward. Best way to reach me is probably on LinkedIn.

Justin Parisi: All right. And what is Opti9? Can you tell me more about what they do and what sort of services they provide?

Sagi Brody: Yeah, so Opti9 is a managed cloud provider. We provide production workload hosting via the way of private clouds. We also manage public clouds, which makes us a hybrid cloud provider. And we also have a fairly large focus in managed backups and disaster recovery.

Justin Parisi: Okay, so it’s a kind of service for your cloud needs.

If you don’t want to manage this stuff for yourself, you have the private cloud aspect where you basically set up a cloud in your environment or you can leverage the backbone of other clouds, right?

Sagi Brody: Yeah, I think you hit the nail on the head. I think the important aspect is for people that don’t have an appetite to take ownership of managing, monitoring, securing or scaling their public cloud or private cloud deployments, we will own everything on your behalf.

Justin Parisi: So when people come to you for that type of service, what are you finding their biggest gripes or their biggest pain points are for doing that sort of work themselves?

Sagi Brody: There’s so many. I think some folks just don’t even know where to start, don’t know the right questions to ask. They know that they don’t want to continue running things themselves, or being responsible. Year over year, the responsibilities on traditional IT teams are only increasing. Some of them, we’re being tasked with running cyber security and answering complex compliance requirements and then dealing with the sprawl of all these new applications in SaaS.

So I think what we’re seeing in IT in general is the complexity is ever increasing, and some of the low hanging fruit there to alleviate the load is to outsource layers of your infrastructure stack. We see a lot of companies at inflection points really asking themselves, and do we want our IT teams focused on managing infrastructure and securing and scaling it, or do we want them adding value to the business?

Justin Parisi: Yeah, a lot of these companies, they’re looking at the cloud, but they’re not necessarily looking to go a hundred percent cloud. They have resources and data on prem that they want to keep there. So that gives them this opportunity to deploy what’s known as a hybrid cloud, right? So basically some’s on prem, some’s in the cloud.

So how do you address those challenges? What do you tell customers that want to do that?

Sagi Brody: Yeah. So, I think a lot of people have this conception that if they’re going to go to the cloud, they’re going to just take a weekend and move everything over to some not well understood cloud.

And it’s very scary and dangerous and they just don’t want to do it. And, and, you know, they think that it’s because obviously they don’t have a good enough understanding of it, but what we tell them is. It doesn’t need to be like that. There are multiple different homes, you know, or places where you can house your workloads, and there’s not a one size fit all model.

And so what we want to do first is really go through their list of applications and use cases and understand what their requirements are from a latency perspective and security and compliance and access and really just have that conversation on a per workload basis and find them right home for each workload based on its unique requirements. The trick though is how do we do that while maintaining consistency for their corporate security, their corporate resilience, their corporate sovereignty requirements in an aggregate. And so what we try to do first is build a reference architecture for hybrid cloud and multi cloud.

So that we can provide them with flexibility to utilize multiple cloud platforms. So that they can mix and match as time goes on and in a way it future proofs their IT environment.

Justin Parisi: So a big part of moving to the cloud is starting to think about automation and thinking about doing things like containerization of applications.

Does Opti9 deal with that aspect of it? Does it deal with Kubernetes? Does it try to help modernize those data centers?

Sagi Brody: Yeah, absolutely. That’s a great point. Sometimes it’s not moving the application. Sometimes it’s retooling the application, rebuilding the application.

And we do help with that specifically on AWS. In fact, we’ve gotten really good at utilizing AWS credits where they help pay for some of those modernization efforts for some of customers. So yeah, in some cases, that would be the preferred methods, certainly making use of automation and things like containers and part of the reason we want to do that is because we don’t want to just sprawl the environment. If we just take a legacy, complex application, and we just move it to a public cloud, all we’ve done is made it more complex and harder to manage. And so if there are opportunities to retool, then we certainly would help with that as well.

Justin Parisi: So what’s the oldest application or setups that you’ve had to move to a cloud architecture?

Sagi Brody: Well, that’s a good question. You know, a lot of times we go into environments and we’ll do an audit and we’ll look at all the apps and platforms. And sure enough, we ended up seeing a lot of IBM I series and P series platforms. And we learned you can’t just tell people, Oh, why don’t you just rewrite those and run them on a Windows or Linux platform. As you probably know, it’s not always that simple. Sometimes these platforms are there because the application, there’s a limitation. It can’t be moved.

It stopped being supported years ago, but if it’s still there, it must still be important to them. So, we have solutions where we can run virtual LPARs for IBM platforms in the cloud. There are certainly cases where people need to run physical boxes if it’s like a manufacturing use case. We try to have tools in our tool belt to circumvent those types of situations.

Justin Parisi: So you’re not recoding COBOL or anything like that?

Sagi Brody: No, we’re not. So what we will help modernize internally is really making use of AWS’s platforms.

And so we can run Function as a Service or take an application and rewrite it with a microservice architecture on ECS. Those are things we will do. But we’re not going to rewrite COBOL.

Justin Parisi: So, what about security?

How do you address The concerns that customers may have about moving to the cloud and securing their data. What is Opti9 offering to help that peace of mind there?

Sagi Brody: So we do actually have a suite of security services including MDR, EDR real time SOC. It’s something that we stayed away from for a long time because a lot of people just say, Oh yeah, and by the way, we do security.

And it’s a very dangerous thing to say. Security is its own entire world. And so we partnered with an organization called FieldEffect and that’s all they do. And what we’ve done is build our platforms and integrated them together so that we can provide a single cohesive service where when we say we take ownership of our customers environments, it includes securing them.

And what I’ve seen is people just making a ton of bad assumptions when it comes to cloud. They might move their workloads to a public cloud and they just assume, oh, I’m using Microsoft, so they must ensure my security, or they must ensure my resilience, and so on. What we try to do is instead of waiting for the customer to ask us the right questions, we basically state, here’s what we take ownership of, send a long list of everything that they can hold us accountable to long term.

And then we spell out what their responsibilities are going to be moving forward from that point. So there’s no surprises.

Justin Parisi: An aspect of security would be the data governance piece. So regulations, classified information, that sort of thing. So how does Opti9 handle situations where you have to deal with those types of things?

Sagi Brody: Well, we will ensure sovereignty. If their data needs to be sovereign to a certain region, or they have a data governance policy that mandates that they keep, let’s say seven years worth of retention data, we will take ownership of that’s happening. In fact, many of our customers simply send us their compliance requirements, the forms that their auditors or their customers are asking them to fill out, and we will answer those questions on their behalf. And so it’s pretty often that they’ll send us the forms. we’ll answer like 80 percent of the questions and then we’ll kick it back to them and they’ll fill in the blanks. Because we’re the ones responsible for those components.

Justin Parisi: So in the case of data spillage or violating one of those regulations, does the ownership fall on Opti9 or does it fall on the customer? Is there something written into the contract agreement there?

Sagi Brody: Yeah, great question. There is actually. Each industry is a little different, but healthcare and HIPAA is probably the one that’s most widely discussed or understood.

If there is a HIPAA violation, the federal government can fine the organization that violated it, and what happens with organizations like Opti9 is we will enter into a business associate agreement basically saying to our customers, hey, for the components, of your security and data governance that we are responsible for, we are agreeing to allow those fines to be passed along to us because we are responsible for those components.

Justin Parisi: Okay, so you take on the ownership of the pieces that you’re responsible for, and that’s good because I think customers would not be happy if you didn’t.

Sagi Brody: Yeah, and on that note, I’d say people are not necessarily asking the right questions even when it comes to this stuff.

WIthin healthcare, a BAA is a fairly known document, but all too often I hear people say to us as a vendor, will you assign a BAA? Most vendors in the cloud say yes. But the right question is what does your BAA cover? If you look at Microsoft Azure’s BAA or AWS’s BAA.

They sign one, but if you look at it, it’s only covering physical security. If somebody breaks into one of their data centers and steals physical disks, they’re on the hook. Everything else is the responsibility of the customer. And in their defense, that’s how it should be because those platforms are do it yourself. You have to log in. You have to configure all your security rules and configure your resilience and the rest, it’s all on you. And so a lot of people don’t know that. And so what we do with Opti9 is if you want to use AWS, we’ll sit on top of that, we’ll throw all your data there, but because we’re managing all that, RBA covers everything.

Justin Parisi: Gotcha. So basically, it’s a decision of, do I want to take ownership of this particular Piece of the puzzle. If something goes wrong, I have to take care of it. Or do I want to have a managed service do it for me? And that way it takes some of the pressure off of me as an IT administrator.

Sagi Brody: Yeah, a hundred percent. And something like backups and disaster recovery, which is one of our specialties, that’s a great thing to outsource. Because it’s not making a major change to your production environment. It’s responsive to your production environment.

we can come in and rebuild your disaster recovery strategy and, almost have no impact to your production. And then we’ll do cool things like write all your runbooks, write your runbook for a full failover, partial failover, for a ransomware attack. We’ll own running all the testing.

And so that’s a fairly easy thing to get off your plate if you’re an IT manager who’s constantly getting new responsibilities, thrown on.

Justin Parisi: How do you handle the data gravity problem where you have a lot of data on prem, you need to move it to the cloud and do it efficiently and cost effectively?

Sagi Brody: That really gets into integrations and we just really start looking at what platforms are you running and what are the limitations of those platforms. And sometimes we talk to folks who are running their existing storage appliances at capacity.

And if we start wanting to replicate data or send a copy, their platform might become a limitation. So, sometimes we have to help them provide recommendations for what they should be doing with their on prem platforms. We happen to run NetApp for the majority of our underlying storage, right?

And so if you decide what’s going on with Broadcom and VMware, it’s just too much. I don’t want to be responsible for running my VMware based private cloud anymore, we will run a complete private cloud for you. Bare metal nodes. Let’s say it’s a five node cluster, we roll in all the VMware licensing, and lucky for us, the hit on the licenses from Broadcom wasn’t as hard as their hitting enterprises.

So we can run all that as a service, you know, licenses, management, backups, security, all built in. We can tie into a customer’s existing SD WAN or MPLS network. We can tie into their existing security framework and they can keep managing their applications exactly as they were today. And they can know that the underlying hypervisor is the same.

if they’re using NetApp today, they have the assurances and the confidence that we’re also running NetApp under the hood. They have the trust there and if it is NetApp, then obviously we can, use tools like SnapMirror to help us get the data over in the most efficient manner.

Justin Parisi: Yeah, SnapMirror is going to help that data gravity problem because it’s efficient, it’s fast, right? So that leads me to my next question about the NetApp portion. When you’re in cloud providers, are you leveraging things like Cloud Volumes ONTAP? Are you using Amazon FSxN for ONTAP? Are you using Azure NetApp Files?

Sagi Brody: Yeah, so if they make use of ONTAP there’s a few options there. If they want to provide us with their own account information, if they want to select a destination, that’s fine.

If they want us to manage it on their behalf we can resell it to them. There are many options and we support all of them, but in general, this concept of having multiple tiers of storage that matches your requirements. Obviously not all of it needs to be fast block storage.

If some of it’s there for archival purposes. Then we totally support that. We have many options when it comes to different storage platforms, depending on the use cases. It all starts with what’s your use case and then understanding the storage capacity and performance requirements of that use case.

I’ll give you one example is when we are talking to folks about disaster recovery, we look at the criticality of the applications and we want to understand what is the RTO? Now, how quickly do you need these applications to come up after a disaster? And if it’s immediate then their data is sitting on NetApp storage that has the performance capability to run their application in production.

If they can wait a few days, then we end up putting it on a lower tier storage, which is most appropriate and also saves them money. So they’re not paying for that performance storage all the time.

Justin Parisi: So, as a service provider what sort of ONTAP features are the most valuable to you?

What are you using the most?

Sagi Brody: I would say one thing that’s important, something that’s glossed over by a lot of other vendors is the ability to understand your performance on a per tenant basis. There’s a lot of storage platforms that will allow you to set capacity quotas and say, this customer should only be able to use 10 terabytes but we enjoy the capability of being able to see which of our tenants are using the most IOPS or other performance characteristics because as a service provider, what you don’t want is noisy neighbors.

And you don’t want performance spillage. And so that’s really important to us. It also helps us troubleshoot. Another thing I think that people don’t realize with service providers is oftentimes we don’t fully understand what workloads our customers are running. If it’s an enterprise environment, you as an IT manager might be responsible for the infrastructure platforms and you might have really deep insights into the applications or speak to the application teams and understand why an application might need more performance or use more performance. For us, we’re providing the platform and the customers are free to make those changes without necessarily telling us. We’re there to provide the SLA around it. And so being able to see utilization, not only from a capacity, but from a performance capability is just paramount to our business.

Justin Parisi: So what is your performance monitoring tool of choice when you’re dealing with the NetApps?

Sagi Brody: Let’s see, Weber NMS is one of them, which is an open source tool. We also use NMS as well, just flat out NMS. And we built that into an orchestration platform so that we can ensure that our SLAs are being met for customers on a performance and IOP basis.

And so we were leveraging some of the APIs for that.

Justin Parisi: Do you leverage Grafana Harvest at all?

Sagi Brody: We do leverage Grafana as well as Prometheus, and we’ve used Grafana for some of our dashboards. So yeah, certainly that as well.

Justin Parisi: And things like snapshots, FlexClones are you leveraging any of that in your environment?

Sagi Brody: Yep, absolutely. That all happens behind the scenes. We do provide a default configuration for how often those are done. Customers can request changes if they want something different. But we also are using third party technologies like Veeam, who I think are their second largest service provider in the world.

And when backups are taken, or when snapshots are taken for replicas for disaster recovery, Veeam is using those integrations so that we’re not having to run like a VMware snapshot.

Justin Parisi: So I know that with ONTAP you have the ability to enable storage efficiencies and get savings on the back end. Are you exposing that to customers or are you basically trying to make sure that the capacity they use is the capacity they pay for? How does that all work?

Sagi Brody: We charge based on logical capacity. Unfortunately the data reduction because it’s different per customer and per workload, it’s very difficult to sell it in any other way. But what we do is we look at what the aggregated data reduction is across the board.

And we enjoy the ability to be able to reduce that logical cost to the customer based on what we’re seeing. And so that obviously makes a huge difference in what people are paying. And it’s generally one of the first questions people ask.

Justin Parisi: That’s good. Cause if you’re putting a bunch of duplicate data on storage and it gets de-duplicated and the service provider gets the savings. You know, the customer would probably like to see some of that back as well.

Sagi Brody: Yeah. And that’s how we can stay competitive. When you look at various private cloud providers or backup and disaster recovery providers, the standard is around logical storage consumed and so the way that we’re able to maintain our competitiveness and to ensure the lowest cost is by aggressively using platforms like ONTAP that can achieve that. There are some providers that are out there that charge based on provision capacity, right? Which is a bad thing and something that people sometimes don’t realize until after they’ve signed the contract.

Justin Parisi: Yeah. And I can kind of get that because as a provider, if you’re charging based on storage efficiency, if something gets rehydrated, it creates a problem when you’re dealing with your physical storage. So, I get that to an extent, but yeah, you should be able to pass on the savings to your customers there for sure.

So what about things like cold data tiering, the FabricPool aspect, going to S3 storage?

Do you utilize any of that in your environment?

Sagi Brody: Yep. Yep. We do. In fact, that comes into play specifically just going back to our backup and DR use case, which is one of the things that we’re constantly innovating on and that is critical. And so we do make use of tiering and oftentimes we were able to build a really interesting strategy for a backup use case where we can have, let’s say two weeks or a month worth of restore capability immediately available within the metro or a low latency to the customer, and then anything older than that we typically will store on low cost S3 compatible storage. So, yeah, we are leveraging that today.

Justin Parisi: And do you offer transparency to customers to take a look at performance, take a look at capacities, to see it for themselves, or is this just something that just happens behind the scenes and they don’t have to worry about it?

Sagi Brody: Yeah, good question. So they have a portal where they can see all of their data and performance utilization in real time and historical.

They can see a long list of alarms, which is kind of interesting. It’s kind of like a dynamic RSCI matrix where they can specify which types of technical alerts they want to participate in and they can see which ones go to us only, which ones go to them only to handle. But as far as the underlying performance metrics of the storage platforms. In general, we don’t expose those because they don’t want to see those anymore. They’re buying an SLA from us around capacity and performance and response time and latency. And that actually gives us the ability to swap out hardware as needed so that we can hit those SLAs.

If something is not performing for the customer and it’s going to require an upgrade or another shelf purchased, that’s on us. We have to keep doing whatever we need to do to hit the performance metrics. And so it’s actually advantageous to the customer just to contract around the outcome and then the service provider vendor has to go and do whatever they need to do to hit those outcomes.

Justin Parisi: So you mentioned the hardware portion and as a service provider, that hardware starts to age out and you have to start replacing it and adding new heads, and we do have non disruptive upgrades and that sort of thing. But sometimes you just have to move to an entirely new platform. Are you leveraging SnapMirror for that?

Or are you using the vServer Migrate feature? How are you doing migrations within your data center to minimize the impact to your end customers?

Sagi Brody: We have used SnapMirror. Honestly, it all really depends on the specific applications that we’re running. If it’s VMware, then we’ll probably run the data migration within VMware, which obviously is going to make use of NetApp APIs under the hood.

If it’s Veeam, we’ll do the same thing, and it’s the same situation. We want to be as intimate and high up the stack as possible, but you can’t always do that. And, so having sort of, you know, your NetApp capabilities is a catch all with non disruptive features is great, because the last thing anybody wants is an email with a maintenance window that involves downtime.

Justin Parisi: Yeah. And sometimes it’s going to happen. When you’re dealing with stateful protocols or you have to replace physical NICs, that sort of thing, you might have a little bit of a blip.

Sagi Brody: Yeah. Yeah. And we do our best and we actually have a really good cadence around the maintenance windows and we have separate teams that manage all of these different layers.

So knock on wood, they’ve gotten pretty good. I mean, I’ve been doing this for a very long time gosh, almost more than 25 years now. And the types of features that NetApp has built and others are just, they’re mind blowing when you think about how we used to do things and we’d have each customer on their own separate physical device and the overhead of managing that was just insane.

Justin Parisi: So what is the ONTAP version philosophy for you? Are you running the very latest release? Are you running a version behind? The latest P release? How are you handling the ONTAP upgrades and what are you trying to do to minimize risk?

Sagi Brody: We typically run a version behind in general, we’re looking for a strategy, which is really predicated on stability, really security first, right?

I mean, if there’s a patch that needs to be applied because of security reasons and we’re all over it, I think a lot of times you can’t just take that at face value. You have to really understand this goes for, obviously any patch that’s out there. It can’t just be a generic security update. Is it specific to a certain configuration or to a certain scenario? We have to look at that. But certainly security is most important. And then stability and then features. If there’s a feature that a specific customer needs, then obviously it’s going to incentivize us to wanna upgrade faster.

But in general, we try to maintain a version behind.

Justin Parisi: And when there is a new feature that comes with an ONTAP release, when you upgrade, do you advertise that feature saying, Hey, you know, we have this new ability to do this. Would you be interested in turning this on? That sort of stuff.

Sagi Brody: Sometimes. You know, it’s not always necessarily gonna be like, hey, we upgraded our ONTAP and therefore now you can make use of this. Sometimes it is. But I would say most often that it works its way into our own marketing language. Opti9’s Disaster Recovery as a Service now has this new added benefit of supporting X, Y, and Z because we definitely serviceify and take all of our capabilities and wrap them around your core.

And so what NetApp is doing from an innovation perspective and being responsive to our needs and the needs of our market is crucially important because that has the ability to hinder our capability to innovate and to provide services to our customers or allow us to be at the cutting edge.

And that’s important from a partnership perspective. We have worked with many hardware vendors over the years and we’re in a partnership. And what’s important to us is that we have folks sitting on the other side of the table that listen to our needs that provide us with workarounds if we run into some weird scenario. Service providers are different than enterprise customers, so different.

And so the fact that you guys even have specific service provider teams and people that speak our language and understand our use cases. That’s huge. For many years no vendors understood service providers as a market, so that’s different now. And I think NetApp has won us over. We’ve actually ended up swapping out from a few other legacy hardware providers and have been trying our best to standardize across the board. Now,

Justin Parisi: Are you using the ransomware detection feature?

Sagi Brody: We do use some of that. We also have built some secret sauce ourselves.

And so we will take multiple inputs from multiple technologies and again, wrap and build a service around it. But yeah, we are running I think some of what you guys are running now, I don’t know if it’s in production yet. I’d have to check, but it’s certainly on our radar if it’s not.

Justin Parisi: So if I’m a customer of Opti9 and I have a technical problem, And I need to call support. Am I calling you or am I calling NetApp?

Sagi Brody: You’ll never call NetApp. You’re calling us. We basically are the ones who are the NetApp customers. We’re buying the hardware and we’re building the service around it.

And the customers are working with us. Any escalation to third parties gets done behind the scenes.

Justin Parisi: Do they ever get brought into calls in collaboration with the vendors like NetApp or whatever network vendor you use?

Sagi Brody: Yeah, sometimes.

Sometimes, especially in hybrid scenarios where the customers may already have NetApp installed and want to continue running their own NetApp owned hardware, and that’s fine. I mean, again, there’s not a one size fits all. We have customers that have made investments into NetApp and want to make use of those filers and are continuing to run infrastructure on-prem or in a co-lo.

And then we sit side by side or alongside. And we have these architectural conversations. The fact that we also are running NetApp under the hood obviously allows everybody to speak the same language and gives us capabilities that we wouldn’t have if the customer wasn’t.

And so it really is an added bonus. But yeah, absolutely. Sometimes when we have architectural conversations with customers, we bring in NetApp. They bring in their folks, we bring in our folks and we have a lot more capability to provide a scenario which really meets their requirements even better.

Justin Parisi: So we’ve talked a lot about ONTAP and that’s because it’s a core tenant of NetApp. But there are other aspects of NetApp such as StorageGRID for object. There’s also Astra for backup for Kubernetes. Are you leveraging any of those other pieces of the NetApp portfolio?

Sagi Brody: We’ve looked at StorageGRID. We are not running it yet, but I can tell you it’s something that we are seriously interested in. If anybody out there has ever managed a Ceph cluster, you’ll know immediately why I’m saying that. But, we trust NetApp as a vendor and our customers trust us.

We have to trust vendors. To a very extreme extent we’re entrusting our business just like our customers are and so it makes sense to work with the same vendors around your entire ecosystem of storage products and then especially when comparing it to open source platforms like Ceph.

I mean, Ceph is great and it has awesome capabilities but the operational overhead that comes along with it, even at our scale, it’s almost like a full time job for a team of people where NetApp really allows us to focus on our customer use cases and innovate.

Justin Parisi: As a managed service provider, Do you offer different levels of service? Do you have a la carte, where you just do security or just do replication and backup? How does that all work? As a customer, what do I have available to me?

Sagi Brody: Yeah, there’s always going to be multiple layers or tiers of services available.

So if we’re talking about an organization has existing deployments, they want to keep running their infrastructure themselves but they’d like to outsource backups or disaster recovery. And so we have multiple tiers when it comes to those services around how many copies of the data would you like? What is your RTO, RPO requirements? What is the application performance, metrics needed and so there’s never a one size fits all. And, we also want to be cost conscious and ensure that they can hit some of their or all their requirements within their budget. And so sometimes we might start with backups only and then look at the 10 percent most critical applications and provide disaster recovery for them and backups is good for the rest.

I mean, it’s totally plausible.

Justin Parisi: And do you offer initial application analysis, data analysis?

Sagi Brody: So we generally will do that at no cost to an extent, right? Like if someone’s looking for fully managed backups or disaster recovery.

We do audit their environment and we do collect some metrics or have them run a live optic. Sometimes maybe we’ll ask them for some NetApp storage specific reports. But, we can put together a pretty comprehensive proposal with two phone calls and some exports.

That is, I would say 5 percent within what their deployment is going to look like at the end of the day. If we’re talking more about the application modernization conversation, like we were at the beginning and they want to look at moving off a custom COBOL application.

Sometimes, we do paid engagements or if we’re considering moving them to AWS, oftentimes AWS will also help with the funding if it qualifies. Anything on the application layer is going to be more in depth. The great thing about production infrastructure and backups and DR is that you can do that without necessarily having to involve the application much.

Justin Parisi: Yeah, a lot of that stuff is agnostic to applications, but there are application aware backups and crash consistent backups that have to be taken into account. So those usually require some software that interacts with those applications. How do you handle those scenarios where the backup application has to tell the application to, hey, wait a second, we’re getting ready to take a backup.

Sagi Brody: Yeah, so we pretty much use Veeam exclusively as a backup orchestrator. And Veeam along with great NetApp integrations also has awesome application aware integrations with Oracle and SQL Server and pretty much all the popular applications. And then there’s always the ability to execute your own scripts, which we’ve rarely had to do just to ensure crash consistent backups.

Justin Parisi: Do you have any customers that absolutely require you to do tape backups?

Sagi Brody: Not anymore. Not anymore. We do do some virtual tape backups. Yeah. VTL is interesting, especially like S3 wrapped VTL, because now your backups are sitting on two different types of virtual mediums. But really We have many customers now that the cost of inexpensive S3 compatible storage platforms has dropped, we see a lot of people coming to us because they want to get away from tape and now we can still achieve incredibly low cost and then provide them with immutability. for their backups as well. And then we also released this product called Observer, which is a ransomware detection and prevention service where we noticed a lot of attackers when they get into traditional IT environments, they’re seeking out and looking for backup platforms so that they can get into them and destroy all the backups, destroy the DR sites so that when they ransomware the victim, they have no recourse to recovery. And so we built this tool that looks for anomalous configuration changes being made in the backup environment or in the replication tools. And we’re using AI and ML to detect those anomalies. And when we detect those anomalies, we notify our customers. We can air gap their off site backups or DR, and in some cases, prevent the attack before it happens.

Justin Parisi: That’s definitely a very nefarious way that they try to get you, is getting rid of all the snapshots, getting rid of the backups. ’cause they can’t get the ransom if you’ve got a way to recover.

Sagi Brody: Yeah, exactly.

Justin Parisi: And as far as the tape goes, I mean, I figured with the IBMs and the LPARs and that sort of thing, you might have a few customers here and there.

Sagi Brody: Oh, yeah. I mean, some of the customers are still running that on prem, but we do provide off site backups for IBM platforms and we are doing that without tape.

Justin Parisi: All right. Sounds like Opti9 offers a lot of ability to do cloud without having to do cloud. Right. So Sagi, where would I find more information if I wanted to do that?

Sagi Brody: Yeah hit us up at Opti9Tech. com, that’s with the Opti, and then the number nine, and Tech, T E C H. com or find me on LinkedIn, happy to talk more.

Justin Parisi: Absolutely. We’ll include links in our blog. Along with the LinkedIn post that we put out. So again, thank you for joining us and talking to us all about Opti9.

All right, that music tells me it’s time to go. If you’d like to get in touch with us, send us an email to podcast@netapp.com or send us a tweet @NetApp. As always, if you’d like to subscribe, find us on iTunes, Spotify, GooglePlay, iHeartRadio, SoundCloud, Stitcher, or via techontappodcast.com. If you liked the show today, leave us a review.

On behalf of the entire Tech ONTAP Podcast team, I’d like to thank Sagi Brody for joining us today. As always, thanks for listening.

Podcast intro/outro: [Outro]